SoftBank close to a deal to sell Arm to Nvidia, creating a powerhouse

The potential deal, worth more than $40 billion, is the latest in a series of big asset sales by Softbank. Arm designs microprocessors that power most of the world’s smartphones and Nvidia is a fast-growing industry player whose chips are central to videogaming, cloud-computing and data centers that handle remote work and cashless transactions. Should a deal come together, it would be one of the largest transactions so far this year and potentially the largest semiconductor deal ever.

(Wall Street Journal)

Zoom now offers two-factor authentication

Having faced a backlash for inadequate security of its videoconferencing services, a problem magnified by the sudden exponential increase in users and abusers due to the COVID-19 lockdown, Zoom now confirms that two factor authentication is available as an option for each meeting. This follows a previous fix that provided end-to-end encryption. Meeting hosts can enable 2FA for all users or specific people, by choosing Advanced, and then Security, from the Zoom dashboard.

(CISOMag)

China may kill TikTok’s US operations rather than see them sold

As the deadline for a deal between ByteDance and the U.S. Government arrives, a report from Reuters suggests the Chinese government may prefer that TikTok simply shutter its U.S. operations instead of allowing it to be sold to an American company. The controversial forced sale involves the Trump administration, and potential suitors including Microsoft, Walmart, and Oracle. TikTok has also been banned in India, and faces internal challenges from a changing regulatory environment in China.

(TechCrunch)

GOP states join U.S. Google antitrust case 

The lawsuit, headed by the Justice Department, focuses on Google’s online advertising business. But the complex case also includes some Democrat-led states who are currently investigating potential anticompetitive conduct involving Google’s Android mobile operating system. Despite divisions between states and the highly polarized political nature of the case, it is expected to be the most significant antitrust action in the U.S. since the government sued Microsoft in 1998.

(Bloomberg)

Thanks to this week’s sponsor, Dtex Systems

Dtex Systems
Forget projects, get answers. Start preventing insider threats, stopping data loss, and monitoring remote employees in minutes, not days. And do it all without invading user privacy. DTEX Systems helps enterprises run safer and smarter with a first-of-its-kind human-centric approach to enterprise operational intelligence.
Learn more and start a free 30-day trial at
dtexsystems.com.

Ransomware attacks are the major cause of cyber insurance claims in 2020

A report published by North American cyber insurance services company Coalition shows that ransomware incidents accounted for 41% of cyber insurance claims filed in the first six months of 2020. The report reveals that the average ransomware demand increased by 100% from 2019 through 2020 with the severity of the attacks increasing by 47%. The data indicates how certain malicious ransomware strains such as Maze and DoppelPaymer tend to push the overall averages higher. 

(CISOMag)

Top vulnerabilities exploited by ransomware attackers in 2020

Another mid-year review shows the biggest security trend for 2020 thus far is the increase of phishing and other attacks targeting remote workers. A recent Check Point Software Technologies mid-year review highlighted VPN, remote access, and phishing as key weaknesses. The report showed that 80% of these attacks used vulnerabilities that had been reported and registered in 2017 and earlier, with more than 20% of the attacks using vulnerabilities that were at least seven years old, revealing a significant problem with home based workers and their employers keeping software up to date.

(CISO Online)

CyberRisk Alliance acquires Security Weekly 

CyberRisk Alliance (CRA) , a business intelligence company serving the cybersecurity and information risk management marketplace, has acquired Security Weekly, a podcast network serving the cybersecurity community. The transaction represents the latest in a series of strategic acquisitions for CyberRisk Alliance including SC Media, Infosec World Conference and Expo, Cybersecurity Collaboration Forums and Cybersecurity Collaborative. The founders of Security Weekly, Paul Asadoorian and Matt Alderman, will join CRA, continuing in their roles leading Security Weekly, and as program hosts.

(Security Weekly)

Giggle fiasco reveals developments and shortcomings in vulnerability-disclosure policies

The relationship between ethical hackers, bug bounty hunters and companies is being revealed in a case study involving the social networking platform Giggle and the security firm Digital Interruption, which recently went public on Twitter to alert Giggle’s founder to a serious security flaw. The case is spotlighting the need for consistent vulnerability-disclosure policies (VDPs), with Facebook and the U.S. government weighing in with guidelines for ethical bug-hunting.

(ThreatPost)